Trend Micro Apex Central (syslog)

Configure Trend Micro Apex Central for syslog forwarding to Radiant Security.

In this guide, you will set up the Trend Micro Apex Central connector within Radiant in order to forward Trend Micro logs to Radiant.

Prerequisites

Add the data connector in Radiant Security

  1. Log in to Radiant Security.

  2. From the navigation menu, click Settings > Data Connectors and click + Add Connector.

  3. Search for and select the Trend Micro Apex Central (syslog) option, click Data Feeds, and then click Credentials.

  4. Under Credential Name, give the credential an identifiable name (e.g. Trend Micro Apex Central Credentials).

  5. Under Required Credentials, in the Connector tag field enter a value. This value will act as the salt to randomize the unique Token you’ll download in the next step.

  6. Click Add Connector.

  7. Copy and save the connector Token value using the clipboard option or download the Token file. You will need this token to complete the configuration.

  8. Click Done to save your changes.

Configure a local Radiant Security Agent

Refer to the Install the Radiant Security Agent guide to set up a local agent to collect the logs.

Configure Trend Micro Apex Central to forward logs to the Radiant Security Log Collector

  1. Log into the Apex Central Console.

  2. Navigate to Administration > Settings > Syslog Settings.

  3. Click Enable syslog forwarding.

  4. Under Syslog Settings, configure the following settings:

    • Server Address: Enter the IP address of the local Radiant Security Syslog Collector previously deployed

    • Port: 514

    • Protocol: SSL/TLS

    • If Use server certificate is selected, unselect it.

    • For Format, select CEF.

    • For Frequency, set 0 hours and 1 minute.

    • For Log Type, select Security Logs from the drop-down and select all of the checkboxes.

  5. Click Done.

PreviousSplunk WebhookNextVaronis (syslog)

Last updated